Configure WP Ghost on a Cloud Panel server by setting the server type to Cloud Panel, generating the rewrite rules, then including the hidemywp.conf file in the Cloud Panel Vhost configuration above the {{settings}} line. Cloud Panel is a free hosting control panel that runs Nginx, MySQL, and PHP, popular for VPS deployments. Because Cloud Panel uses Nginx instead of Apache, WP Ghost can’t write to .htaccess like it does on Apache servers – the Nginx rules need to be loaded from a separate config file. This guide walks through the complete setup including the Cloud Panel-specific Vhost include step.
You’ll need:
Install WP Ghost like any other WordPress plugin. You can install the free version from the WordPress directory or the Premium version from your WP Ghost account. For step-by-step installation instructions, see Install WP Ghost Free Plugin or Install WP Ghost Premium Plugin.
WP Ghost auto-detects most server types, but on Cloud Panel you should set it manually to ensure the correct rewrite rule format.
Now configure your path security:
WP Ghost generates the rewrite rules and writes them to hidemywp.conf in your WordPress root directory. You’ll see a notification asking you to add this file to your Cloud Panel Vhost configuration.
This is the Cloud Panel-specific step. You need to manually include the WP Ghost config file in your site’s Vhost configuration.
{{settings}} line in the Vhost configuration.{{settings}} line:include /home/clp/htdocs/yoursite.com/hidemywp.conf;
{{settings}}/home/clp/htdocs/yoursite.com/.Important: The include directive must be placed above the {{settings}} line, not below. The {{settings}} placeholder is where Cloud Panel injects its own server configuration. Including the WP Ghost rules above ensures they’re loaded before Cloud Panel’s defaults take over.
After restarting Nginx, test that everything works:
/wp-login.php – it should return 404.Custom wp-admin path is not fully supported on Cloud Panel. If you set a custom wp-admin path with WP Ghost, you may still be redirected to the default /wp-admin on login. This is because Cloud Panel’s Vhost structure doesn’t allow Nginx to rewrite the wp-admin path consistently. The login path itself can be changed successfully – this limitation only affects the wp-admin directory rename.
Recommended workaround: Use Lite Mode (which keeps wp-admin at the default path) or focus on changing the login path, plugin paths, theme paths, and uploads paths instead. These all work correctly on Cloud Panel and provide significant attack surface reduction even without renaming wp-admin.
Every other WP Ghost feature works on Cloud Panel: firewall, brute force protection, 2FA, security headers, and most path changes.
You probably haven’t added the include directive to the Vhost file yet, or you forgot to restart Nginx. Go to your Cloud Panel Vhost editor, verify the include /path/to/hidemywp.conf; line is present above {{settings}}, save, and restart Nginx.
Cloud Panel validates the Vhost file before applying changes. If you see an error, the most common cause is a wrong file path in the include directive or a missing semicolon. Check the path matches your actual WordPress installation directory and ensure the line ends with a semicolon: include /home/clp/htdocs/yoursite.com/hidemywp.conf;
The file path in your Vhost include directive doesn’t match the actual file location. SSH into your server and run find / -name "hidemywp.conf" 2>/dev/null to locate the file. Update the include directive to use the correct path. Common locations: /home/clp/htdocs/yoursite.com/ or /var/www/yoursite.com/.
This is the known Cloud Panel limitation described above. Custom wp-admin paths can’t be fully rewritten on Cloud Panel. Use Lite Mode or leave wp-admin at the default. All other path security features still work.
Use the Safe URL parameter to bypass WP Ghost temporarily. If that doesn’t work, see the Emergency Disable guide to recover access via FTP.
Yes. Nginx loads its configuration at startup and keeps it in memory. Whenever WP Ghost updates the hidemywp.conf file (which happens any time you save Change Paths settings), you must restart Nginx for the new rules to take effect. Use the restart button in Cloud Panel or run the restart command via SSH.
No. Cloud Panel uses Nginx by default and is made by Hetzner. CyberPanel uses OpenLiteSpeed by default. They have different Vhost configurations and different ways of handling rewrite rules. If you’re on CyberPanel, see the OpenLiteSpeed .htaccess setup guide instead.
Yes. WP Ghost is fully compatible with WooCommerce on Cloud Panel. Cart, checkout, product pages, and customer accounts all work normally with the configuration described above.
No. WP Ghost writes rewrite rules to hidemywp.conf (a separate config file in your WordPress directory) and uses WordPress hooks. No core files are modified. Deactivating WP Ghost restores all defaults instantly.
Server configuration for WP Ghost:
Replace the default wp_ database prefix with a random one to protect against SQL injection…
Change the WordPress uploads directory path with WP Ghost (rewrite rules, no files moved) or…
Configure WP Ghost with WP Rocket cache. Enable file optimization, Change Paths in Cache Files.…
https://youtu.be/6ylhojSi-_E In this video, we’ll explore why website security matters and what can happen if…
The security of your WordPress site depends on multiple factors, such as the strength of…
Step-by-step guides to connect WP Ghost 2FA with Google Authenticator, Authy, Microsoft Authenticator, or LastPass.…